Merge pull request #22 from sahensley/add-bandit

Add Bandit scanning to pipeline [RHELDST-12100]
release-engineering · Jul 3, 2022 · cceaae9 · cceaae9
2 parents a5f7140 + 2183dc9
commit cceaae9
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 0 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -11,6 +11,10 @@ matrix:
     env: TOX_ENV=cov-travis DEPLOY=1
   - python: "3.5"
     env: TOX_ENV=docs
+  - python: "3.8"
+    env: TOX_ENV=py3-bandit-exitzero
+  - python: "3.8"
+    env: TOX_ENV=py3-bandit
 script: tox -e $TOX_ENV
 after_success:
 - test $TOX_ENV = docs && scripts/push-docs

diff --git a/tox.ini b/tox.ini
@@ -45,6 +45,14 @@ use_develop=true
 commands=
 	sphinx-build -M html docs docs/_build
 
+[testenv:py3-bandit-exitzero]
+deps = bandit
+commands = bandit -r . -l --exclude './.tox' --exit-zero
+
+[testenv:py3-bandit]
+deps = bandit
+commands = bandit -r . -ll --exclude './.tox'
+
 [flake8]
 max-line-length = 100